Overview

overview

10

Static

static

10

3516-47-0x...ry.exe

windows7-x64

1

3516-47-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    3516-47-0x0000000000400000-0x0000000000471000-memory.dmp

  • Size

    452KB

  • MD5

    dcd552b4bae958b73ff1e790fa2b9685

  • SHA1

    e44e1c9d19ad751eb6b2de8405528340e5e79dc4

  • SHA256

    d86095366b63bc84e7ff062aa7c51fd1ec61d7ca61bfbe9f2be4dbd946b6356d

  • SHA512

    f9702f31f05c62994c66bcb01eeed9ed1326da412c50d87bce73ac9ad7d810210f5b5ce3f2b7427932f0506a7ebde8cf04f5c2c6cd2c46906d5b358c19ce0166

  • SSDEEP

    6144:WNvC1zqSQz/E+KM9Lys1WIQuWyV3EszeC+SktSAUEqIbyC:WNvC1zqjETs1z/hVBzeC+SkIpIby

Score
10/10
25f5344bfcb62e75b7946c3a681aec54vidar

Malware Config

Extracted

Family

vidar

Version

5.4

Botnet

25f5344bfcb62e75b7946c3a681aec54

C2

https://t.me/vogogor

https://steamcommunity.com/profiles/76561199545993403
Attributes
  • profile_id_v2

    25f5344bfcb62e75b7946c3a681aec54

  • user_agent

    Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.2.13 (KHTML, like Gecko) Version/16.5.2 Safari/605.2.13

Signatures

  • Vidar family
    vidar
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3516-47-0x0000000000400000-0x0000000000471000-memory.dmp
    .exe windows x86


    Headers

    Sections